* Posts by W60

11 publicly visible posts • joined 24 Jun 2010

FBI says more cyber attacks come from China than everywhere else combined

W60

Re: Well, that came completely out of the blue

....and in other news they have worked out where bears defecate

Upside down, you turn me, you're giving bork instinctively: Firefox flips as a train connection is missed

W60
Happy

....bit harsh all the down votes that comment got :)

After 16 years of hype, graphene finally delivers on its promise – with a cosmetic face mask

W60

Seems to me what Versarien are doing with graphene is more interesting than masks: some collaboration on 3D printed bridges over railway lines... I am led to believe Haydale don't make their own graphene

Honeywell, I blew up the qubits: Thermostat maker to offer cloud access to 'world's most powerful quantum computer' within months

W60

I believe that is the action you take when the proverbial hits the fan

Pharma-testing biz Eurofins Scientific says it fell victim to 'new version' of malware

W60

information sharing

Would be really more helpful if people actually shared details of the malware ....new version of what family?...what's new? I know they don't want to admit either employee X clicked on a link in the email or opened an attachment, or we left RDP, SSH or some other unsecured service open to the internet, but a little detail to help the community (I know I'm a dreamer)

Dead LAN's hand: IT staff 'locked out' of data center's core switch after the only bloke who could log into it dies

W60
Facepalm

rubbish statement - takes two to tango

"No clue about VLANs, no clue about if it has STP, or trunking, or anything."

Yes you do - if you have access to the switches/devices attached to the core then you have the other half of the config. Totally agree with the previous comments that the mgmt side should ensure this situation doesn't happen, and on backups (all things fail, human and silicon), but as a network guy with 20yrs +, STP is a mutual thing, as should be the VLAN and trunking (packet sniffer will show up most of this). You will need downtime for the replacement but hunt for the clues first on the wire and attached devices if you really are in this situation. You should not get into this situation and it is bad working practice from all parties, it is a fire fight but not all is lost (if you do not know what your core switch is doing for your critical traffic without seeing the config please find the door....oh you can't do that without being provided a map, I see your problem!)

F5: Don't panic but folks can slip past vulnerable firewall servers, thanks to libssh's credentials-optional 'security'

W60

Re: Loads of places

100% agreed - looked at nginx last year and tried to see if we could replace our F5 setups and while it covered the basic functionality and some traffic manipulation their sales engineers in the end admitted it couldn't replicate the config....this said they cost a pretty penny but are usually rock solid devices which do what they say on the tin.

When I read the article title it was a brown trouser moment thinking I was about to have a long weekend but the title did not match the content (don't use AFM)

Linux kernel 'give me root, now' security hole sighted, dubbed 'Mutagen Astronomy'

W60

seemed to miss calling out what I see is a relatively important point -- the server needs to have 32GB or more memory:

Our exploit requires "only" 2 * 16GB = 32GB of memory, instead of 3 * 16GB = 48GB or more, because we use a few tricks to reduce its memory footprint

Leatherbound analogue password manager: For the hipster who doesn't mind losing everything

W60

The fact there is not even a lock on it to give any attempt of security

Tool lets low-end PC crash much more powerful webserver

W60

Workaround

Per the THC site:

"No real solutions exists. The following steps can mitigate (but not solve) the problem:

1. Disable SSL-Renegotiation

2. Invest into SSL Accelerator

Either of these countermeasures can be circumventing by modifying THC-SSL-DOS."

Surely then just limiting connection based upon src IP with renegotiation is a mitigation that can't be circumvented....unless you can spoof the traffic

Aus politicians puppeted by hackers

W60

come on guy ACL...don't you get?????

ACL = Access Control List ... firewalling